Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/ajQs2XBxR1QM0cjnuQUgqrVOakw.roa
File: ajQs2XBxR1QM0cjnuQUgqrVOakw.roa (raw, json)
Hash identifier: zVSI/owfXp7aAdzzHLKD8/twgVPBBzWkKgBA2JR92AI=
Subject key identifier: 6A:34:2C:D9:70:71:47:54:0C:D1:C8:E7:B9:05:20:AA:B5:4E:6A:4C
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0186A6937F10192095FA340807A023F0800D
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/ajQs2XBxR1QM0cjnuQUgqrVOakw.roa
Signing time: Fri 03 Mar 2023 08:25:29 +0000
ROA not before: Fri 03 Mar 2023 08:25:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25369
IP address blocks: 5.105.122.0/24 maxlen: 24
5.105.79.0/24 maxlen: 24
5.105.91.0/24 maxlen: 24
5.105.90.0/24 maxlen: 24
5.105.92.0/24 maxlen: 24
5.105.93.0/24 maxlen: 24
5.105.108.0/24 maxlen: 24
5.105.23.0/24 maxlen: 24
5.105.38.0/24 maxlen: 24
5.105.39.0/24 maxlen: 24
5.105.223.0/24 maxlen: 24
5.105.222.0/24 maxlen: 24
5.105.224.0/24 maxlen: 24
5.105.225.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a6:93:7f:10:19:20:95:fa:34:08:07:a0:23:f0:80:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Mar 3 08:25:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a342cd9707147540cd1c8e7b90520aab54e6a4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:5e:c0:dc:a6:e4:cf:44:ef:84:f8:b9:0b:a0:
e0:b2:85:cc:b5:28:85:46:75:6f:92:4f:e8:0f:0d:
98:53:fc:a3:6b:4d:19:64:69:6e:fe:82:a4:b2:2a:
d7:b1:29:dd:70:05:df:8b:0b:e5:ad:b8:39:ea:11:
25:9d:95:6c:38:f5:c2:ed:af:94:63:d4:3e:3d:72:
76:ca:51:44:2f:6f:41:cb:a3:cb:2e:62:89:b5:4c:
1a:c0:48:05:7e:27:20:5a:ed:43:a6:ad:41:1b:f5:
92:8b:a4:fe:ea:80:a2:99:cd:bc:b4:d4:8e:c7:fa:
ac:d9:01:7f:24:b6:99:f3:0b:11:d8:fd:cd:9a:b6:
2d:39:a8:28:b0:e7:c7:8c:71:ce:fb:ed:36:23:6a:
2e:45:f0:de:e5:5f:d4:8b:2f:b3:66:36:ef:0e:c3:
1c:b1:05:17:8b:52:5f:05:fa:be:58:6d:9e:53:e2:
fa:a9:52:78:38:f0:09:6d:75:65:90:1c:c8:8f:b2:
bc:52:80:60:dd:aa:31:c3:2d:aa:80:70:8f:2c:3e:
39:23:d1:cd:9b:7b:da:c1:b4:1b:69:98:e9:ba:81:
45:af:b4:49:8a:bc:54:2e:53:fb:b7:a8:bf:86:41:
54:4c:be:a9:3a:f9:95:07:06:9f:64:4f:f9:fa:d1:
ef:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:34:2C:D9:70:71:47:54:0C:D1:C8:E7:B9:05:20:AA:B5:4E:6A:4C
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/ajQs2XBxR1QM0cjnuQUgqrVOakw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.105.23.0/24
5.105.38.0/23
5.105.79.0/24
5.105.90.0-5.105.93.255
5.105.108.0/24
5.105.122.0/24
5.105.222.0-5.105.225.255
Signature Algorithm: sha256WithRSAEncryption
04:e5:1c:96:16:34:dd:32:ab:50:ca:78:b6:52:7e:ab:d2:17:
ea:e6:2b:e2:3f:ab:3f:cf:6b:bd:53:87:e3:0a:7d:e4:50:19:
fe:6f:7f:97:03:4b:f7:fb:6d:f6:54:33:fe:e1:68:1c:32:cf:
23:29:61:1a:5f:a7:2e:2b:db:54:5b:7e:ec:10:52:d1:cc:38:
20:b5:f3:c9:fe:79:49:41:32:f1:80:b1:2f:b2:49:60:52:39:
aa:c7:32:92:3d:ab:ae:ac:95:36:50:11:bc:c4:86:3f:a3:e6:
0c:7a:59:80:bc:b8:46:c8:1c:af:f0:4c:fa:b5:41:e6:ea:96:
94:b5:5e:ce:be:e4:ec:31:8d:9a:de:dc:e6:e4:b4:c5:4f:3d:
20:9e:16:44:6e:1b:71:7f:3a:ba:b7:12:81:1f:c8:a9:20:db:
59:ce:e1:f4:36:3c:a6:e0:98:bf:f7:38:79:23:ed:12:38:26:
86:7c:da:b9:ac:28:a9:79:00:18:8e:92:51:ec:f8:4b:11:1e:
f8:b0:36:10:3f:2d:c2:30:0b:40:45:e0:51:80:f4:ee:31:31:
f3:f3:6c:a1:d1:8d:b4:d0:9c:f0:2f:3b:7a:e5:79:5b:a6:55:
86:9b:8a:d4:24:a2:db:7d:6c:c1:63:05:27:1c:67:f9:9b:e3:
a1:b4:43:e9
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYamk38QGSCV+jQIB6Aj8IANMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwMzAzMDgyNTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTM0MmNkOTcwNzE0NzU0MGNkMWM4ZTdiOTA1MjBhYWI1NGU2YTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAll7A3Kbkz0TvhPi5C6DgsoXMtSiF
RnVvkk/oDw2YU/yja00ZZGlu/oKksirXsSndcAXfiwvlrbg56hElnZVsOPXC7a+U
Y9Q+PXJ2ylFEL29By6PLLmKJtUwawEgFficgWu1Dpq1BG/WSi6T+6oCimc28tNSO
x/qs2QF/JLaZ8wsR2P3NmrYtOagosOfHjHHO++02I2ouRfDe5V/Uiy+zZjbvDsMc
sQUXi1JfBfq+WG2eU+L6qVJ4OPAJbXVlkBzIj7K8UoBg3aoxwy2qgHCPLD45I9HN
m3vawbQbaZjpuoFFr7RJirxULlP7t6i/hkFUTL6pOvmVBwafZE/5+tHv9wIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFGo0LNlwcUdUDNHI57kFIKq1TmpMMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvYWpRczJYQnhSMVFNMGNqbnVRVWdxclZPYWt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQABWkXAwQB
BWkmAwQABWlPMAwDBAEFaVoDBAEFaVwDBAAFaWwDBAAFaXowDAMEAQVp3gMEAQVp
4DANBgkqhkiG9w0BAQsFAAOCAQEABOUclhY03TKrUMp4tlJ+q9IX6uYr4j+rP89r
vVOH4wp95FAZ/m9/lwNL9/tt9lQz/uFoHDLPIylhGl+nLivbVFt+7BBS0cw4ILXz
yf55SUEy8YCxL7JJYFI5qscykj2rrqyVNlARvMSGP6PmDHpZgLy4Rsgcr/BM+rVB
5uqWlLVezr7k7DGNmt7c5uS0xU89IJ4WRG4bcX86urcSgR/IqSDbWc7h9DY8puCY
v/c4eSPtEjgmhnzauawoqXkAGI6SUez4SxEe+LA2ED8twjALQEXgUYD07jEx8/Ns
odGNtNCc8C87euV5W6ZVhpuK1CSi231swWMFJxxn+ZvjobRD6Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:18 2023 by rpki-client on console-fra.rpki-client.org